Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.mft
File:                     RNvjYmp2sEoSCIlwSViGPUJjLw8.mft (raw, json)
Hash identifier:          7NfftZG6WRhc3N59jpqb93hRWi0O6H/O05yufsA3HWQ=
Subject key identifier:   09:B5:45:17:A9:34:50:7E:C0:B9:6E:1C:BF:91:70:82:C2:E4:34:F6
Authority key identifier: 44:DB:E3:62:6A:76:B0:4A:12:08:89:70:49:58:86:3D:42:63:2F:0F
Certificate issuer:       /CN=44dbe3626a76b04a120889704958863d42632f0f
Certificate serial:       019921E74A1CC1EA078B2976735067BCC446
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RNvjYmp2sEoSCIlwSViGPUJjLw8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.mft
Manifest number:          0480
Signing time:             Sun 07 Sep 2025 02:00:29 +0000
Manifest this update:     Sun 07 Sep 2025 02:00:29 +0000
Manifest next update:     Mon 08 Sep 2025 02:00:29 +0000
Files and hashes:         1: RNvjYmp2sEoSCIlwSViGPUJjLw8.crl (hash: 9jFe2ApKxKVan8nAGHAS6sUvXlK3BAQ0HInzIpcEEC8=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RNvjYmp2sEoSCIlwSViGPUJjLw8.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 02:00:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:21:e7:4a:1c:c1:ea:07:8b:29:76:73:50:67:bc:c4:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=44dbe3626a76b04a120889704958863d42632f0f
        Validity
            Not Before: Sep  7 02:00:29 2025 GMT
            Not After : Sep  8 02:00:29 2025 GMT
        Subject: CN=09b54517a934507ec0b96e1cbf917082c2e434f6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:34:ff:62:15:a5:b5:2b:98:1f:7c:bd:cd:ad:
                    39:37:bc:db:a0:0c:bd:26:7e:d9:a1:33:a1:b9:cd:
                    56:fd:64:c6:46:eb:07:b9:21:58:a5:bf:fa:74:65:
                    74:e6:55:60:6e:3b:1c:a6:e6:e8:ad:6f:05:97:7b:
                    c1:25:34:82:64:6a:50:7a:77:49:4b:3f:16:db:16:
                    24:2d:be:ed:18:92:77:ab:c8:4e:1c:31:41:44:0c:
                    51:b0:c0:b8:f8:17:51:65:7c:9b:5d:9f:16:72:c5:
                    3a:1a:a3:b9:67:5c:e8:49:29:75:41:05:53:bb:47:
                    00:ed:1b:08:a4:26:2d:42:c2:ad:c1:10:73:75:88:
                    38:35:71:ac:9c:02:f1:aa:de:7a:3c:d1:3d:48:1e:
                    5d:e2:a0:b1:ed:3f:af:a1:02:77:47:b8:e7:c3:f3:
                    8f:24:b3:94:ad:cb:fa:50:ca:e4:e9:60:3c:44:64:
                    46:5f:89:01:e0:26:6e:6e:28:b1:88:81:e6:c2:8e:
                    81:cf:19:5e:e2:58:f5:21:03:7d:3c:1b:59:85:09:
                    3f:66:5c:34:33:c3:fa:a8:92:15:82:30:cc:03:25:
                    83:c6:a3:86:cb:4a:4e:fe:d9:9e:7d:a4:25:42:51:
                    c3:60:f8:ad:f1:56:66:ae:3a:5c:b5:e6:26:a1:40:
                    91:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:B5:45:17:A9:34:50:7E:C0:B9:6E:1C:BF:91:70:82:C2:E4:34:F6
            X509v3 Authority Key Identifier:
                keyid:44:DB:E3:62:6A:76:B0:4A:12:08:89:70:49:58:86:3D:42:63:2F:0F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RNvjYmp2sEoSCIlwSViGPUJjLw8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/40/c8e419-0346-433f-9309-de81f9ad779c/1/RNvjYmp2sEoSCIlwSViGPUJjLw8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         79:dc:e7:a4:07:9e:ce:b5:05:0f:98:ed:b6:f4:26:99:1c:2b:
         5e:78:69:2c:af:17:ba:18:d0:f8:ab:31:24:97:3a:ec:04:d9:
         97:b2:fd:77:58:df:d4:41:08:f7:72:ed:ac:d1:4d:80:c8:57:
         16:33:28:a9:34:58:07:2b:fe:14:7e:1f:64:ff:0a:a0:b4:5d:
         a0:a5:b3:bd:f8:86:db:d2:fb:d8:0f:44:e6:e6:00:5b:de:92:
         90:83:7b:a1:d3:87:fe:68:ed:18:08:43:4b:24:d8:81:2a:dd:
         45:c2:27:73:88:63:b5:0b:63:f6:41:8b:27:03:15:67:5a:9c:
         7d:11:10:41:b4:03:5c:00:80:c0:42:1a:0d:3a:9f:55:27:b7:
         d1:e8:20:b8:dd:7e:e8:a5:a0:b3:3e:68:ea:32:6a:01:73:24:
         10:fb:0f:57:0f:6c:c0:50:f3:ce:11:dd:2b:2d:b3:0d:5a:2a:
         f8:d5:84:b7:94:f6:64:cd:68:22:03:9e:f2:4e:0b:03:33:ed:
         e9:c4:06:69:5a:92:90:48:8d:95:f1:c7:15:48:cc:78:0e:5d:
         e4:e3:f1:f1:f8:17:0a:6d:70:da:f7:a7:dc:c9:80:99:04:05:
         47:b4:94:45:ce:7a:84:76:2c:af:98:d3:00:7c:a4:88:a2:bd:
         b4:fa:01:72
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkh50ocweoHiyl2c1BnvMRGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0ZGJlMzYyNmE3NmIwNGExMjA4ODk3MDQ5NTg4NjNkNDI2
MzJmMGYwHhcNMjUwOTA3MDIwMDI5WhcNMjUwOTA4MDIwMDI5WjAzMTEwLwYDVQQD
EygwOWI1NDUxN2E5MzQ1MDdlYzBiOTZlMWNiZjkxNzA4MmMyZTQzNGY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsjT/YhWltSuYH3y9za05N7zboAy9
Jn7ZoTOhuc1W/WTGRusHuSFYpb/6dGV05lVgbjscpuborW8Fl3vBJTSCZGpQendJ
Sz8W2xYkLb7tGJJ3q8hOHDFBRAxRsMC4+BdRZXybXZ8WcsU6GqO5Z1zoSSl1QQVT
u0cA7RsIpCYtQsKtwRBzdYg4NXGsnALxqt56PNE9SB5d4qCx7T+voQJ3R7jnw/OP
JLOUrcv6UMrk6WA8RGRGX4kB4CZubiixiIHmwo6Bzxle4lj1IQN9PBtZhQk/Zlw0
M8P6qJIVgjDMAyWDxqOGy0pO/tmefaQlQlHDYPit8VZmrjpcteYmoUCROwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAm1RRepNFB+wLluHL+RcILC5DT2MB8GA1UdIwQY
MBaAFETb42JqdrBKEgiJcElYhj1CYy8PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUk52alltcDJzRW9TQ0lsd1NWaUdQVUpqTHc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9jOGU0MTktMDM0Ni00MzNmLTkzMDkt
ZGU4MWY5YWQ3NzljLzEvUk52alltcDJzRW9TQ0lsd1NWaUdQVUpqTHc4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9jOGU0MTktMDM0Ni00MzNmLTkzMDktZGU4MWY5YWQ3Nzlj
LzEvUk52alltcDJzRW9TQ0lsd1NWaUdQVUpqTHc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAedznpAee
zrUFD5jttvQmmRwrXnhpLK8XuhjQ+KsxJJc67ATZl7L9d1jf1EEI93LtrNFNgMhX
FjMoqTRYByv+FH4fZP8KoLRdoKWzvfiG29L72A9E5uYAW96SkIN7odOH/mjtGAhD
SyTYgSrdRcInc4hjtQtj9kGLJwMVZ1qcfREQQbQDXACAwEIaDTqfVSe30egguN1+
6KWgsz5o6jJqAXMkEPsPVw9swFDzzhHdKy2zDVoq+NWEt5T2ZM1oIgOe8k4LAzPt
6cQGaVqSkEiNlfHHFUjMeA5d5OPx8fgXCm1w2ven3MmAmQQFR7SURc56hHYsr5jT
AHykiKK9tPoBcg==
-----END CERTIFICATE-----